Welcome to PwC

Cyberattacks will be more powerful because of AI—but so will cyberdefense

One job where AI has already shown clear superiority over human beings? Hacking. And now it will be crucial to your cybersecurity strategy. That's one of eight predictions to know about AI in 2018.

What’s one job where AI has already shown superiority over human beings? Hacking. Machine learning, for example, can easily enable a malicious actor to follow your behavior on social media, then customize phishing tweets or emails—just for you. A human hacker can’t do the job nearly as well or as quickly.

The more AI advances, the more its potential for cyberattacks grows too. Techniques like advanced machine learning, deep learning, and neural networks enable computers to find and interpret patterns. They can also find and exploit vulnerabilities.

Intelligent malware and ransomware that learns as it spreads, machine intelligence coordinating global cyberattacks, advanced data analytics to customize attacks—unfortunately, it’s all on its way to your organization soon. And AI itself, if not well-protected, gives rise to new vulnerabilities. Malicious actors could, for example, inject biased data into algorithms’ training sets.

AI to the rescue

Just as we expect AI to be a growing cyberthreat this year, we’re also confident it will be part of the solution. Already, scalable machine learning techniques combined with cloud technology are analyzing enormous amount of data and powering real-time threat detection and analysis. AI capabilities can also quickly identify “hot spots” where cyberattacks are surging and provide cybersecurity intelligence reports.

Yet even in cybersecurity, some things only people can do. Humans are better at absorbing context and thinking imaginatively. Cyberwars won’t simply be two sets of computers battling it out. But AI will become an important part of every major organization’s cybersecurity toolkit.

Implications

Don’t bring a knife to a gunfight

In other parts of the enterprise, many organizations may choose to go slow on AI, but in cybersecurity there’s no holding back: Attackers will use AI, so defenders will have to use it too. If an organization’s IT department or cybersecurity provider isn’t already using AI, it has to start thinking immediately about AI’s short- and long-term security applications. Sample use cases include distributed denial of service (DDOS) pattern recognition, prioritization of log alerts for escalation and investigation, and risk-based authentication.

Cybersecurity may speed up AI’s acceptance

Since even AI-wary organizations will have to use AI for cybersecurity, cyberdefense will be many enterprises’ first experience with AI. We see this fostering familiarity with AI and willingness to use it elsewhere. A further spur to AI acceptance will come from its hunger for data: The greater AI’s presence and access to data throughout an organization, the better it can defend against cyberthreats. Some organizations are already building out on-premise and cloud-based “threat lakes,” that will enable AI capabilities.

An AI hack may increase public fears

Many people are already nervous about AI. Even more are concerned about cybersecurity. It’s possible that when AI makes headlines this year, it won’t be for helping humanity—but for having enabled a major hack. Better cybersecurity can mitigate this risk. Besides developing feature sets for AI capabilities, this heightened security will require companies to augment the data and compute platforms that support advanced analytics with privileged access monitoring, object-level change management, source code reviews, and expanded cybersecurity controls, among other precautions.